Crypto: ECDSA
The ECDSA sample shows how to sign and verify messages using SHA-256 as the hashing algorithm and the secp256r1 curve.
Requirements
The sample supports the following development kits:
Hardware platforms |
PCA |
Board name |
Build target |
---|---|---|---|
PCA10095 |
|
||
PCA10095 |
|
||
PCA10090 |
|
||
PCA10090 |
|
||
PCA10056 |
|
When built for the nrf5340dk_nrf5340_cpuapp_ns
target, the sample is configured to compile and run as a non-secure application.
Therefore, it automatically includes Trusted Firmware-M that prepares the required peripherals and secure services to be available for the application.
This is also valid for the nrf9160dk_nrf9160_ns
build target, if the sample supports it.
Overview
The sample performs the following operations:
Initialization:
The Platform Security Architecture (PSA) API is initialized.
A random Elliptic Curve Cryptography (ECC) key pair is generated and imported into the PSA crypto keystore.
The public key of the ECDSA key pair is imported into the PSA crypto keystore.
ECDSA signing and verification:
Signing is performed using the private key of the ECC key pair.
The signature is verified using the exported public key.
Cleanup:
The key pair and public key are removed from the PSA crypto keystore.
Building and running
This sample can be found under samples/crypto/ecdsa
in the nRF Connect SDK folder structure.
See Building and programming an application for information about how to build and program the application.
Testing
After programming the sample to your development kit, complete the following steps to test it:
Connect to the kit with a terminal emulator (for example, PuTTY). See How to connect with PuTTY for the required settings.
Compile and program the application.
Observe the logs from the application using an RTT Viewer or a terminal emulator.
Note
By default, the sample is configured to use both RTT and UART for logging. If you are using RTT, skip the first step of the testing procedure.